In general, managed network or system security programs or platforms are designed to try to detect threats from malicious actors and take actions to address or remedy such threats. This has resulted in somewhat of a cat-and-mouse game, with “good guys” on one side trying to counteract “bad guys” on the other side; but unfortunately, the “good guys” have been fundamentally disadvantaged, since a “bad guy” or malicious actor can take actions that may seem relatively small, for example, using rudimentary, relatively cheap technology, that may have very large impact and require large expensive efforts on behalf of the good guys. Malicious or threat actors further often test their attacks on smaller, less sophisticated data controllers to make sure that such attacks are viable or are generally successful at penetrating known security before such attacks are deployed against larger, more sophisticated data controllers. Also, many times the actions taken by attackers/malicious actors only become recognizable as part of a threat or become apparent in hindsight, and only are noticeable/detectible sometime after security has been initially compromised, and/or with threat/malicious actions frequently changing or modifying their tactics, making it difficult to quickly identify, detect and/or stop malicious actors/attackers from inflicting serious harm.
Accordingly, it can be seen that a need exists for security experts to be able to share security data, threat intelligence and analytics to allow the rapid development of new or updated security applications or models for detecting or deterring malicious actors. The present disclosure addresses these and other related and unrelated problems in the art.